What steps have been taken to address privacy and security risks associated with the sharing of information?
Only aggregated, non-personally identifiable information is made available to users. This information conforms to Government of Alberta Information Management and security guidelines. The OSI conducted a Privacy and Security Risk Assessment where the final report concluded that the main risk was based on the potential for residual disclosure. Residual disclosure occurs where, in some cases, it may be possible to deduce or infer personal characteristics about individuals represented in aggregated data products by comparing multiple data products. Appropriate steps have been taken to mitigate the risk of the release of identifiable personal information. A Privacy Impact Assessment (PIA) is being finalized for OSI operations.
